undefined | Better HN

Skip to content

Top New Best Ask Show Jobs

undefined | Better HN

0 pointspoizan422y ago0 comments

No, the "nefarious" means they are simply using APIs like WriteProcessMemory/ VirtualProtectEx/CreateRemoteThreadEx to modify the memory of runing programs or use SetWindowsHookEx to install global hooks (which inject your dll into every process for the non low-level events)

0 comments

Is this any different than what a virus would do?

Filligree2y ago

Yes. Intent matters.

xboxnolifes2y ago

Is these APIs are only used by viruses, why do they exist?

Because they are also used by debuggers, security tools, and other flavors of "keep the world humming along despite its best efforts to kill itself."

j / k navigate · click thread line to collapse